Feedback
Tech

Jeep Hackers’ Are Back With a Scary New Trick

Imagine driving down the highway with your foot on the gas and hands on the steering wheel, only to come to a screeching halt without ever hitting the brakes.

Two security researchers who detailed an apparent hack into a 2014 Jeep Cherokee last year shared their latest exploits at the Black Hat hacker conference on Thursday in Las Vegas.

Charlie Miller and Chris Valasek, the two hacking experts behind the stunt, demonstrated to a Wired reporter last year how they were able to access the SUV's computer system and then rewrite the firmware to plant a malicious code allowing them to control everything from the air conditioning and music to the Jeep's steering, brakes and transmission, according to Wired.

Image: 2014 Jeep Cherokee Limited
2014 Jeep Cherokee Limited Chrysler Group LLC

The new tricks detailed this year are far scarier, including unintended acceleration, the ability to turn the vehicle's steering wheel and slam on the brakes at higher speeds. Their previous research only allowed them to commandeer these features if the Jeep was going slower than 5 miles per hour.

While last year's hack was done remotely, this year's required a laptop directly plugged into the Jeep's network, located just under its dashboard.

The duo said they were then able to get the car's electronics system to listen to messages they were sending, not ones from the different computer systems in the vehicle.

Read More: Chrysler Recalls 1.4 Million Cars After Remote Hacking of Jeep

It's a complex hack that requires time and expertise, and one the typical driver likely wouldn't have to worry about in the near future. However, Miller and Valasek said they wanted to get the word out now so car companies can build safer systems.

Fiat Chrysler declined NBC News' request for an interview but said in an email the hack didn't show any new ways to remotely hack the vehicle.

"While we admire their creativity, it appears that the researchers have not identified any new remote way to compromise a 2014 Jeep Cherokee or other FCA US vehicles," the company said in a statement.

Fiat Chrysler held a voluntary safety recall for some vehicles last year, allowing them to be updated with security enhanced software. The automaker said it appeared the software used in the vehicle hacked by Miller and Valasek was altered back to an older version, something the pair dispute, according to the AP.

After their presentation on Thursday, Miller and Valasek said they plan to publish a white paper "in the next few days" but said their auto hacking days are behind them.